AVD Azure AD connection flow:
Session hosts maintain permanent outbound connections to the RD broker.
The user requests the feed using Windows App or a web browser (feed discovery).
The user authenticates with Azure AD and receives an AAD token.
The user presents the token to RD Web.
RD Web queries the RD Broker for the user's resources, passing the AAD token.
The RD Broker queries the resource directory for the geographical database.
The geographical database contains the connection files (.rdp files) and icons for every resource that has been provisioned for the user.
The RD Broker service returns the .rdp files and application icons to the web service (RD Web).
The RD Web service returns this information to the user's device.
The user initiates a connection using the .rdp file.
The remote session begins with a connection to Azure Front Door, which provides the global entry point to Azure Virtual Desktop (AVD).
Azure Front Door (AFD) directs the connection to the RD Gateway service with the lowest latency.
The Gateway service queries the Broker service for the session host (with the token).
The Broker orchestrates the connection between the user's device and the session host.
The Broker service returns the session host to the same Gateway service.
Depending on the configuration and the available network protocols, the connection is made using one of the following:
Reverse connect transport: after both the client and the session host have connected to the Gateway service, it starts relaying the RDP traffic between the client and the session host over Transmission Control Protocol (TCP).
RDP Shortpath: a direct User Datagram Protocol (UDP) based transport is created between the user's device and the session host, bypassing the Gateway service.
NOTE: Reverse connect transport is the default connection type.
Types of Cloud:
Public cloud:- Owned and operated by 3rd-party cloud service providers, which deliver computing resources such as virtual machines, storage and networking over the internet. Microsoft Azure is an example of a public cloud. With a public cloud, all hardware, software and other supporting infrastructure is owned and managed by the cloud provider; in the case of Azure, that is Microsoft.
Private cloud:- Cloud computing resources used exclusively by a single business or organization. A private cloud can be physically located in the company's own on-site datacenter. Some companies also pay 3rd-party service providers to host their private cloud. A private cloud is one in which services and infrastructure are maintained on a private network.
Hybrid cloud:- Combines public and private clouds, bound together by technology that allows data and applications to be shared between them. By allowing data and applications to move between public and private clouds, a hybrid cloud gives your business greater flexibility and more deployment options.
Multi-cloud:- AWS + Azure (for example, hosted on Azure and backed up on AWS).
Types of cloud computing services:-
Infrastructure as a Service (IaaS): users manage their own operating system, software and data, while the provider manages the infrastructure.
Platform as a Service (PaaS): users manage their applications, while the provider manages the underlying infrastructure and platform tools.
Software as a Service (SaaS): users access software applications hosted and managed by the provider.
AVD is a desktop and app virtualization service that runs on Azure.
Prerequisites for Azure Virtual Desktop
An Azure account with an active subscription
A supported identity provider (Entra ID)
A supported operating system for session host virtual machines
Appropriate licenses
Network connectivity
A Remote Desktop client like Windows App.
AVD components:
RD Broker: orchestrates incoming connections.
RD Diagnostics:
RD Gateway: a WebSocket service for RDP connectivity.
RD Web: the user-facing web site and endpoint; returns the connection information to the user's device.
Geographical database: contains the connection file (.rdp) and icons for every resource that has been provisioned for the user.
What is RDP Shortpath and its key benefits:
RDP Shortpath establishes a UDP-based transport between a local device (running Windows App or the Remote Desktop app on a supported platform) and a session host in Azure Virtual Desktop. By default, the Remote Desktop Protocol (RDP) begins with a TCP-based reverse connect transport, then tries to establish the remote session using UDP. If the UDP connection succeeds, the TCP connection is dropped; otherwise the TCP connection is used as the fallback connection mechanism.
UDP-based transport offers better connection reliability and more consistent latency. TCP-based reverse connect transport provides the best compatibility with various networking configurations and has a high success rate for establishing RDP connections.
RDP Shortpath can be used in two ways:
Managed networks, where direct connectivity is established between the client and the session host when using a private connection, such as Azure ExpressRoute or a site-to-site virtual private network (VPN). A connection using a managed network is established in one of the following ways:
A direct UDP connection between the client device and session host, where you need to enable the RDP Shortpath listener and allow an inbound port on each session host to accept connections.
A direct UDP connection between the client device and session host, using the Simple Traversal Underneath NAT (STUN) protocol between a client and session host. Inbound ports on the session host aren't required to be allowed.
Public networks, where direct connectivity is established between the client and the session host when using a public connection. There are two connection types when using a public connection, which are listed here in order of preference:
A direct UDP connection using the Simple Traversal Underneath NAT (STUN) protocol between a client and session host.
A relayed UDP connection using the Traversal Using Relay NAT (TURN) protocol between a client and session host.
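To tie together the transport types from the connection flow above and the RDP Shortpath section, here is an added Python model (not AVD or Microsoft code) of the transport selection order: TCP reverse connect first, then the UDP candidates in the order of preference the notes give, falling back to TCP when no UDP path comes up. The network types, flags and transport names are assumed labels for this model only.

```python
from dataclasses import dataclass
from typing import List

@dataclass
class NetworkPath:
    # Constructed model of one client-to-session-host attempt; not a real AVD API.
    network: str                    # "managed" (ExpressRoute / site-to-site VPN) or "public"
    shortpath_enabled: bool         # RDP Shortpath is allowed on this path
    listener_enabled: bool = False  # Shortpath listener + inbound port open on the session host
    stun_reachable: bool = False    # a direct UDP path via STUN can be established
    turn_reachable: bool = False    # a relayed UDP path via TURN can be established

@dataclass
class TransportDecision:
    attempted: List[str]  # transports tried, in order
    chosen: str           # the transport the session ends up on
    via_gateway: bool     # True only when RDP traffic is relayed by the RD Gateway

def candidates(p: NetworkPath) -> List[str]:
    """UDP transports to try, in the order of preference given in the notes."""
    if not p.shortpath_enabled:
        return []
    if p.network == "managed":
        # Direct UDP with the listener needs an inbound port; the STUN form does not.
        return ["udp-direct-listener", "udp-direct-stun"]
    if p.network == "public":
        return ["udp-direct-stun", "udp-relayed-turn"]
    raise ValueError(f"unknown network type {p.network!r}")

def succeeds(p: NetworkPath, transport: str) -> bool:
    """Whether a given UDP transport comes up on this path (model, not a probe)."""
    return {
        "udp-direct-listener": p.network == "managed" and p.listener_enabled,
        "udp-direct-stun": p.stun_reachable,
        "udp-relayed-turn": p.network == "public" and p.turn_reachable,
    }[transport]

def select_transport(p: NetworkPath) -> TransportDecision:
    # Every session starts on TCP reverse connect, relayed through the RD Gateway.
    attempted = ["tcp-reverse-connect"]
    for t in candidates(p):
        attempted.append(t)
        if succeeds(p, t):
            # UDP came up: the TCP leg is dropped and the Gateway is bypassed.
            return TransportDecision(attempted, t, via_gateway=False)
    # No UDP transport came up: keep TCP reverse connect as the fallback.
    return TransportDecision(attempted, "tcp-reverse-connect", via_gateway=True)
```

The via_gateway flag is the useful output for a defender: it tells you whether the RDP traffic on a given path will show up at the RD Gateway at all, or whether it leaves the Gateway entirely once Shortpath succeeds.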